PT-2025-38088 · Hewlett Packardaruba Networking · Edgeconnect Sd-Wan Gateways

Ncc Group

Published

2025-09-16

Updated

2025-09-17

CVE-2025-37128

CVSS v3.1

6.8

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions HPE Aruba Networking EdgeConnect SD-WAN Gateways (affected versions not specified)

Description A vulnerability in the web API of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to terminate arbitrary running processes. Successful exploitation could disrupt system operations, potentially resulting in an unstable system state.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-250

Related Identifiers

BDU:2025-11498

CVE-2025-37128

Affected Products

Edgeconnect Sd-Wan Gateways

PT-2025-38088 · Hewlett Packardaruba Networking · Edgeconnect Sd-Wan Gateways

CVE-2025-37128

Weakness Enumeration

Related Identifiers

Affected Products

References · 8